Fake ‘Cthulhu World’ P2E project used to push info-stealing malware
Hackers have created a fake 'Cthulhu World' play-to-earn community, including websites, Discord groups, social accounts, and a Medium developer site, to…
Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug
Hackers have exploited a zero-day vulnerability in General Bytes Bitcoin ATM servers to steal cryptocurrency from customers. [...]
241 npm and PyPI packages caught dropping Linux cryptominers
More than 200 malicious packages were discovered infiltrating the PyPI and npm open source registries this week. These packages are…
Software Supply Chain Chalks Up a Security Win With New Crypto Effort
GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort…
Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan
Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.
NFTS Are Cool but Dangerous
By Guy Rosefelt, CPO, Sangfor Technologies NFTs have become very popular with collectors and are more ubiquitous every […] The…
Phishing attack abuses Microsoft Azure, Google Sites to steal crypto
A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web…
Microsoft August 2022 Patch Tuesday fixes exploited zero-day, 121 flaws
Today is Microsoft's August 2022 Patch Tuesday, and with it comes fixes for the actively exploited 'DogWalk' zero-day vulnerability and…
deBridge Finance crypto platform targeted by Lazarus hackers
Hackers suspected to be from the North Korean Lazarus group tried their luck at stealing cryptocurrency from deBridge Finance, a…
Email marketing firm hacked to steal crypto-focused mailing lists
Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists…